Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Thu 23 Oct 2014, 16:18
All times are UTC - 4
 Forum index » Off-Topic Area » Security
Who's spying?
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 2 [24 Posts]   Goto page: 1, 2 Next
Author Message
musher0


Joined: 04 Jan 2009
Posts: 4255
Location: Gatineau (Qc), Canada

PostPosted: Wed 26 Jun 2013, 02:30    Post subject:  Who's spying?
Subject description: lsof -i displays troubling info
 

Hi,

I don't know what to think of the info lsof -i came up with. As you can see from the picture, I was not visiting any web site at that moment, but lsof told me I was connected to a number of sites.

Since I'm not all that familiar with security topics on Puppy, I'll be grateful for any light you can shed. Thanks in advance.

Regards.

musher0

~~~~~~~~~~~
Here's the lsof -i report in straight text format.
Quote:
mer jun 26 02:06:16 EDT 2013
. ("~~~~~~~~" used to hide my address.)
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
cupsd 3917 root 6u IPv4 5137 0t0 UDP *:631
opera 18647 root 25u IPv4 268876 0t0 TCP ~~~~~~~~->wikipedia-lb.eqiad.wikimedia.org:443 (ESTABLISHED)
opera 18647 root 42u IPv4 274898 0t0 TCP ~~~~~~~~->ec2-107-21-1-80.compute-1.amazonaws.com:443 (ESTABLISHED)
opera 18647 root 46u IPv4 275587 0t0 TCP ~~~~~~~~->ds-usa-bln-2.itftd.com:www (ESTABLISHED)
opera 18647 root 49u IPv4 275153 0t0 TCP ~~~~~~~~>ds-usa-bln-1.itftd.com:www (ESTABLISHED)
opera 18647 root 50u IPv4 275470 0t0 TCP ~~~~~~~~>ds-usa-bln-2.itftd.com:www (ESTABLISHED)
opera 18647 root 54u IPv4 275523 0t0 TCP ~~~~~~~~->ie-in-f95.1e100.net:www (ESTABLISHED)
opera 18647 root 55u IPv4 275588 0t0 TCP ~~~~~~~~->ds-usa-bln-2.itftd.com:www (ESTABLISHED)
opera 18647 root 56u IPv4 275594 0t0 TCP ~~~~~~~~->ds-usa-bln-1.itftd.com:www (ESTABLISHED)
opera 18647 root 57u IPv4 275590 0t0 TCP ~~~~~~~~->ds-usa-bln-2.itftd.com:www (ESTABLISHED)
opera:lib 27671 root 54u IPv4 247468 0t0 UDP ~~~~~~~~->~~~~~~~~:domain
.
25am-b&w.jpg
 Description   (b&w on purpose to save space on the forum)
 Filesize   56.08 KB
 Viewed   682 Time(s)

25am-b&w.jpg


_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
Semme

Joined: 07 Aug 2011
Posts: 3968
Location: World_Hub

PostPosted: Wed 26 Jun 2013, 06:58    Post subject:  

Hello Musher- Do you retain cookies? Are you an online (Nintendo) gamer? Do you run a blog?
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 4255
Location: Gatineau (Qc), Canada

PostPosted: Wed 26 Jun 2013, 08:01    Post subject:  

Semme wrote:
Hello Musher- Do you retain cookies? Are you an online (Nintendo) gamer? Do you run a blog?


Hi, Semme.

Thanks for your reply.
Yes to the first question, no to the other two.

musher0

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
Barkin


Joined: 12 Aug 2011
Posts: 728

PostPosted: Wed 26 Jun 2013, 10:14    Post subject:  

musher0 wrote:
... I was not visiting any web site at that moment, but lsof told me I was connected to a number of sites.

Established connections can persist for a minute or so after you have closed a browser window.

"ec2-107-21-1-80.compute-1.amazonaws.com:443" looks like the search-engine "DuckDuckgo"

"ie-in-f95.1e100.net" is Google

Some internet browsers communicate with Google even though you are not using Google-search, to check the site you're going to is legit, (not blacklisted).

see ... http://en.wikipedia.org/wiki/Google_Safe_Browsing
Back to top
View user's profile Send private message 
8-bit


Joined: 03 Apr 2007
Posts: 3382
Location: Oregon

PostPosted: Wed 26 Jun 2013, 15:44    Post subject:  

Another thing to think of is that you may have been part of the many that the NSA is spying/monitoring.
And if it was not for Edward Snowden bringing it to light, we may have not known.
The NSA also seems to be in a hurry to silence him as they are unsure of additional information he may have.

And you are not necessarily being spied on by the NSA.
They may have contracted others to do the spying.
Also, it is not just phone conversations, it could be looking at what you do on the net as to where you go and what you do.

But any spying on correspondence in whatever country without any form of warrant, is just plain wrong.

As a for instance, lets say that I was interested in the technology of the new printers that can make human body parts or firearms and investigate how to do it as well as download some free plans for making something with a printer.
Will this flag me as a possible "Enemy of the State" to be monitored as to where I go and what I do as well as tapping my phone calls and web activity?

In all of this, I am not singling out any country or nation.
Just imagine if I was considered a risk and was targeted for removal with a drone?

At what point do we say enough is enough?
Back to top
View user's profile Send private message 
Semme

Joined: 07 Aug 2011
Posts: 3968
Location: World_Hub

PostPosted: Wed 26 Jun 2013, 16:00    Post subject:  

As Barkin referenced.. lsof -i list anyone after your browser's been closed a minute or two?
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 4255
Location: Gatineau (Qc), Canada

PostPosted: Wed 26 Jun 2013, 16:28    Post subject:  

Hi, 8-bit.

Good to hear from you.

Yeah, I'm concerned too. And the way you bring the elements together (IT
and phone tapping, wrong interpretation of data, drone). They'll probably
say: "Oh, it was only an 8-bit!". (Sorry for the dark humor/pun.) Twisted Evil

But the point is, police generally are not known for the acceptance of
originals (including inventors and artists): anyone not fitting the
mold is suspect. Such tools in the hands of such people are extremely
dangerous for the freedom of thought.

It may be just a sling-shot to fight a machine-gun, but that's why I dusted
off lsof and put it back in service. About Mr. Snowden, in my book, the
man's a hero of the people. I wish we had his "cousin" here in Canada.

We have the "Communications Security Establishment", a dedicated IT-
spying government agency which was recently detached from our CSIS.
Very secret. CSIS and the RCMP are accountable to Parliement, but not
they (the CSE) ... Only to the PMO (Prime Minister's Office). Among other
capabilities, apparently then can drive by in a car in your street and
"capture" whatever you're doing on your computer through the electric
variations. (That's my understanding of it, I'm not a techie.) My
point is that we don't know how they can interpret a behavior that
seems most innocent to average people, that everybody may be doing
in his/her way.

Anyway, let's keep our heads up and use whatever tools democracy can
offer to control these guys.

Thanks also to Barkin for the precise info on the sites.

BFN.

musher0

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
8-bit


Joined: 03 Apr 2007
Posts: 3382
Location: Oregon

PostPosted: Wed 26 Jun 2013, 16:48    Post subject:  

As to the access of data during a drive-by, I seem to recall that Google did such a thing.
Goggle had to backstep to explain that.

And if Edward Snowden had a cousin in Ca., would he be safe from extradition to the US?
I do not know Canada's policy on that subject.
Back to top
View user's profile Send private message 
Caneri

Joined: 04 Sep 2007
Posts: 1580
Location: Canada

PostPosted: Wed 26 Jun 2013, 17:02    Post subject:  

@8-bit,

Yup..our Prime Minister would sell out to the US gov in a heartbeat.....grrr

We have extradition to the US a a default policy...not good, as some Afgan soldiers/protesters/objectors had to be sent back to the US..without enough questions. It took a bit of news/media to put some light on it.

We have a dictator in Canada at the moment, so whatever "ALEC" wants they get.

_________________
Be not afraid to grow slowly, only be afraid of standing still.
Chinese Proverb

Back to top
View user's profile Send private message 
Barkin


Joined: 12 Aug 2011
Posts: 728

PostPosted: Wed 26 Jun 2013, 19:38    Post subject:  

NSA-type monitoring would siphon-off the data from search-engines and email providers like Google and Yahoo, rather than directly from each home computer ... http://www.guardian.co.uk/world/2013/jun/07/nsa-prism-records-surveillance-questions

As any half-computer-literate villain is going to encrypt their communications, then NSA are wasting their time looking for terrorists in Google traffic: only the densest nutter is going to google "how do I make a bomb" ...
Yahoo Answers re ''Alkida'' (Al-Qaeda).gif
 Description   
 Filesize   31.69 KB
 Viewed   552 Time(s)

Yahoo Answers re ''Alkida'' (Al-Qaeda).gif

Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 4255
Location: Gatineau (Qc), Canada

PostPosted: Wed 26 Jun 2013, 23:02    Post subject:  

@caneri:

Who's "ALEC"? A character in Canadian folklore? Should I know "him" or "it"? Smile I'm joking, but I'm serious about knowing. Is it a new nickname for our PM?

@Barkin

Very funny picture. Laughing The category gives it away! Laughing (fish -> "fishy" !)
Sort of a "dumb and dumber" story, isn't?

BFN

musher0

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)
Back to top
View user's profile Send private message Visit poster's website 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Thu 27 Jun 2013, 04:29    Post subject:  

musher0 thanks for the thread. You tell us your not a techie
but I am not even on your level of knowledge.

How does one use that Isof thing your talk about.
is that a puppy pet or what? Built in or one have to PPM?

Okay so now we know that some minutes after one have killed the cookies
they still are connected to us. So one need to do what?

Wait another two minutes and then use that magical program
that tells whom that are connected?

My new neighbor some three stories up in the building
stood outside my door one night with a laptop and headphone
and was kind of snooping after my or the other 5 living on first floor
to see if he could break into our Router so I should shut it down
but don't know how to. When I opened my door he ran super fast
up the stairs and did not wanted me to see his face I only saw his back.

They are three Gamers living together like student collective
due to high cost of getting ones own apartment they cost very much
so a lot of youngsters can not afford it so they hire second hand.

Tell me how you do that isof thing

_________________
I use Google Search on Puppy Forum
not an ideal solution though
Back to top
View user's profile Send private message 
Semme

Joined: 07 Aug 2011
Posts: 3968
Location: World_Hub

PostPosted: Thu 27 Jun 2013, 07:43    Post subject:  

Noobs >> fer YOU!
Back to top
View user's profile Send private message 
nooby

Joined: 29 Jun 2008
Posts: 10557
Location: SwedenEurope

PostPosted: Thu 27 Jun 2013, 07:56    Post subject:  

Thanks Semme so obviously I should open the terminal
and write lsof -i and it list
You can list all the network connections opened by using ‘-i’ option.

Cool thanks for the pet file
I am using Lupu 528-005 so hope it works with that one
will test it later today and report back here thanks

_________________
I use Google Search on Puppy Forum
not an ideal solution though

Last edited by nooby on Thu 27 Jun 2013, 08:34; edited 1 time in total
Back to top
View user's profile Send private message 
musher0


Joined: 04 Jan 2009
Posts: 4255
Location: Gatineau (Qc), Canada

PostPosted: Thu 27 Jun 2013, 08:14    Post subject:
Subject description: lsof-4.87.pet
 

Thanks for the good reference, Semme.

@nooby and all others who might need a copy:
Here's a pet package of lsop, version 4.87. AFAIK, it's the
latest version. Please download from :
~~~~~~~~~~
EDIT :
New URL for download:
http://www66.zippyshare.com/v/79186025/file.html
(Valid for 30 days starting March 5, 2014.)
END OF EDIT
~~~~~~~~~~~~

Works well on wary 5.5 and WheezyPup 3.5.2.5.
~~~~~~~~~~~~
EDIT, March 04, 2014: and UpupRaring 3.992
~~~~~~~~~~~~
Not tested on other Puppies. Let us know? Thanks.

lsof is indeed quite a useful tool, even if you are not a system
administrator. I find it more flexible, simpler to handle and more
informative than "ps" when I need to know what process is doing
what or is using what resources, etc. And of course, it's a must for
detecting the open ports on your machine.

The lsof web site is at http://people.freebsd.org/~abe/. Contains
the manuals, too. If you wish to compile it for your own Puppy,
the source is at ftp://lsof.itap.purdue.edu/pub/tools/unix/lsof/lsof.tar.bz2.

@nooby again:
To use lsof to know what connections you have active, simply
go in a console and type:
Code:
lsof -i


If you are not online, only the cups (or printer) connection should appear.

If you are online, you should have the cups connection AND one line
for each tab (or web site) that you have open in your browser. Also
the e-mail provider, if your e-mailer is open.

If the number of lines is larger than the number of browser tabs, plus
the cups connection, plus the e-mail connection (if your e-mailer is open),
redo the command like so:
Code:
lsof -i > lsof_open_connections.txt

(You can use another suitable name for the log file.)
You then have a little log with a list of web sites than you can investigate by yourself or with help (here?).

I hope this is clearer now.

Best regards,

musher0

_________________
"Logical entities must not be multiplied needlessly." / "Il ne faut pas multiplier les êtres logiques inutilement." (Ockham)

Last edited by musher0 on Wed 05 Mar 2014, 17:40; edited 2 times in total
Back to top
View user's profile Send private message Visit poster's website 
Display posts from previous:   Sort by:   
Page 1 of 2 [24 Posts]   Goto page: 1, 2 Next
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » Off-Topic Area » Security
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.1088s ][ Queries: 12 (0.0224s) ][ GZIP on ]